xref: /freebsd/sys/contrib/openzfs/etc/init.d/zfs-load-key.in (revision 43a5ec4eb41567cc92586503212743d89686d78f) 
1#!@DEFAULT_INIT_SHELL@
2#
3# zfs-load-key  This script will load/unload the zfs filesystems keys.
4#
5# chkconfig:    2345 06 99
6# description:  This script will load or unload the zfs filesystems keys during
7#               system boot/shutdown. Only filesystems with key path set
8#               in keylocation property. See the zfs(8) man page for details.
9# probe: true
10#
11### BEGIN INIT INFO
12# Provides:          zfs-load-key
13# Required-Start:    $local_fs zfs-import
14# Required-Stop:     $local_fs zfs-import
15# Default-Start:     2 3 4 5
16# Default-Stop:      0 1 6
17# X-Start-Before:    zfs-mount
18# X-Stop-After:      zfs-zed
19# Short-Description: Load ZFS keys for filesystems and volumes
20# Description: Run the `zfs load-key` or `zfs unload-key` commands.
21### END INIT INFO
22#
23# Released under the 2-clause BSD license.
24#
25# This script is based on debian/zfsutils.zfs.init from the
26# Debian GNU/kFreeBSD zfsutils 8.1-3 package, written by Aurelien Jarno.
27
28# Source the common init script
29. @sysconfdir@/zfs/zfs-functions
30
31# ----------------------------------------------------
32
33do_depend()
34{
35	# bootmisc will log to /var which may be a different zfs than root.
36	before bootmisc logger zfs-mount
37
38	after zfs-import sysfs
39	keyword -lxc -openvz -prefix -vserver
40}
41
42# Load keys for all datasets/filesystems
43do_load_keys()
44{
45	zfs_log_begin_msg "Load ZFS filesystem(s) keys"
46
47	"$ZFS" list -Ho name,encryptionroot,keystatus,keylocation |
48	    while IFS="	" read -r name encryptionroot keystatus keylocation; do
49		if [ "$encryptionroot" != "-" ] &&
50			[ "$name" = "$encryptionroot" ] &&
51			[ "$keystatus" = "unavailable" ] &&
52			[ "$keylocation" != "prompt" ] &&
53			[ "$keylocation" != "none" ]
54		then
55			zfs_action "Load key for $encryptionroot" \
56			    "$ZFS" load-key "$encryptionroot"
57		fi
58	done
59
60	zfs_log_end_msg 0
61
62	return 0
63}
64
65# Unload keys for all datasets/filesystems
66do_unload_keys()
67{
68	zfs_log_begin_msg "Unload ZFS filesystem(s) key"
69
70	"$ZFS" list -Ho name,encryptionroot,keystatus | sed '1!G;h;$!d' |
71	    while IFS="	" read -r name encryptionroot keystatus; do
72		if [ "$encryptionroot" != "-" ] &&
73			[ "$name" = "$encryptionroot" ] &&
74			[ "$keystatus" = "available" ]
75		then
76			zfs_action "Unload key for $encryptionroot" \
77			    "$ZFS" unload-key "$encryptionroot"
78		fi
79	done
80
81	zfs_log_end_msg 0
82
83	return 0
84}
85
86do_start()
87{
88	check_boolean "$ZFS_LOAD_KEY" || exit 0
89
90	check_module_loaded "zfs" || exit 0
91
92	do_load_keys
93}
94
95do_stop()
96{
97	check_boolean "$ZFS_UNLOAD_KEY" || exit 0
98
99	check_module_loaded "zfs" || exit 0
100
101	do_unload_keys
102}
103
104# ----------------------------------------------------
105
106if [ ! -e /sbin/openrc-run ]
107then
108	case "$1" in
109		start)
110			do_start
111			;;
112		stop)
113			do_stop
114			;;
115		force-reload|condrestart|reload|restart|status)
116			# no-op
117			;;
118		*)
119			[ -n "$1" ] && echo "Error: Unknown command $1."
120			echo "Usage: $0 {start|stop}"
121			exit 3
122			;;
123	esac
124
125	exit $?
126else
127	# Create wrapper functions since Gentoo don't use the case part.
128	depend() { do_depend; }
129	start() { do_start; }
130	stop() { do_stop; }
131fi
132